Skip to content
This repository was archived by the owner on Dec 5, 2025. It is now read-only.

Update dependency wheel to ~=0.38 [SECURITY] #715

Merged
SamuelHassine merged 1 commit into from
Aug 19, 2024
Merged

Update dependency wheel to ~=0.38 [SECURITY] #715

SamuelHassine merged 1 commit into from
Aug 19, 2024

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Aug 6, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
wheel (changelog) ~=0.36 -> ~=0.38 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2022-40898

Python Packaging Authority (PyPA) Wheel is a reference implementation of the Python wheel packaging standard. Wheel 0.37.1 and earlier are vulnerable to a Regular Expression denial of service via attacker controlled input to the wheel cli. The vulnerable regex is used to verify the validity of Wheel file names. This has been patched in version 0.38.1.

Release Notes

pypa/wheel (wheel)

v0.38.1

Compare Source

v0.38.0

Compare Source

v0.37.1

Compare Source

v0.37.0

Compare Source

v0.36.2

Compare Source

v0.36.1

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added dependencies use for pull requests that update a dependency file filigran team use to identify PR from the Filigran team labels Aug 6, 2024
@SamuelHassine SamuelHassine merged commit 5b396b9 into master Aug 19, 2024
@SamuelHassine SamuelHassine deleted the renovate/pypi-wheel-vulnerability branch August 19, 2024 06:54
aHenryJard pushed a commit to OpenCTI-Platform/opencti that referenced this pull request Nov 12, 2025
@renovate
Update dependency wheel to ~=0.38 [SECURITY] (OpenCTI-Platform/client…
baf05fa 
…-python#715)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

(original commit: OpenCTI-Platform/client-python@5b396b9)
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies use for pull requests that update a dependency file filigran team use to identify PR from the Filigran team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SamuelHassine